From patchwork Mon Dec 12 14:19:54 2011
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: APPLIED: [CVE-2011-1576] core: Fix memory leak/corruption on VLAN
GRO_DROP
From: Stefan Bader
X-Patchwork-Id: 130754
Message-Id: <4EE60D8A.6080803@canonical.com>
To: Tim Gardner
Cc: kernel-team@lists.ubuntu.com
Date: Mon, 12 Dec 2011 15:19:54 +0100
On 12.12.2011 15:07, Tim Gardner wrote:
> On 12/07/2011 09:46 AM, Stefan Bader wrote:
>> On 19.09.2011 16:12, Tim Gardner wrote:
>>> On 09/19/2011 08:00 AM, Stefan Bader wrote:
>>>> introduced by (2.6.30):
>>>> 5d0d9be8ef456afc6c3fb5f8aad06ef19b704b05
>>>> gro: Move common completion code into helpers
>>>>
>>>> fixed upstream by (2.6.37):
>>>> 3701e51382a026cba10c60b03efabe534fba4ca4
>>>> vlan: Centralize handling of hardware acceleration.
>>>>
>>>> The upstream fix avoids the problem by re-arranging some helper functions.
>>>> This minimal fix was picked from the RedHat source package. It matches the
>>>> way that the vlan code handled the cases before the merge.
>>>>
>>>> Natty and Oneiric have the upstream fix. Hardy does not even handle GRO.
>>>> So only fixes for Lucid and Maverick are required. The two versions for
>>>> lucid/fsl-imx51 and the rest only differ by a bit of sourrounding code.
>>>>
>>>
>>>
>> Benjamin Poirier from SUSE had been looking at this one, too. And we had brief
>> discussion. While the simple fix we took from RedHat will likely work, it is not
>> really restoring a previous behavior as I had been thinking. This alternate
>> approach is now queued in 2.6.32.y and when that hits, we could revert the other
>> patch. And we likely would then want to do the same for all the combinations of
>> other places where the same patch has been added.
>>
>> -Stefan
>
> So, you're kind of confusing me about which patches get reverted in what
> release. Perhaps you could send pull requests for each release that demonstrate
> exactly how you'd like each release to look.
>
> rtg
The following changes since commit b6b7ef7ca0aa2ed75478ab2257544271aca245a4:
KEYS: Fix a NULL pointer deref in the user-defined key type, CVE-2011-4110
(2011-12-06 13:22:15 -0700)
are available in the git repository at:
git://kernel.ubuntu.com/smb/ubuntu-maverick.git CVE-2011-1576
Benjamin Poirier (1):
gro: reset vlan_tci on reuse
Stefan Bader (1):
Revert "core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576"
net/core/dev.c | 4 +---
1 files changed, 1 insertions(+), 3 deletions(-)